Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

openSUSE: 2016:3108-1 Important: Multiple Chromium Security Issues

opensuse
Calendar Grey December 13, 2016
Scroller Opensuse
This critical announcement pertains to 30 security flaws in Firefox on Fedora impacting releases 34, 33, and 32.
An update that fixes 27 vulnerabilities is now available

Description

This update to Chromium 55.0.2883.75 fixes the following vulnerabilities:

- CVE-2016-9651: Private property access in V8

- CVE-2016-5208: Universal XSS in Blink

- CVE-2016-5207: Universal XSS in Blink

- CVE-2016-5206: Same-origin bypass in PDFium

- CVE-2016-5205: Universal XSS in Blink

- CVE-2016-5204: Universal XSS in Blink

- CVE-2016-5209: Out of bounds write in Blink

- CVE-2016-5203: Use after free in PDFium

- CVE-2016-5210: Out of bounds write in PDFium

- CVE-2016-5212: Local file disclosure in DevTools

- CVE-2016-5211: Use after free in PDFium

- CVE-2016-5213: Use after free in V8

- CVE-2016-5214: File download protection bypass

- CVE-2016-5216: Use after free in PDFium

- CVE-2016-5215: Use after free in Webaudio

- CVE-2016-5217: Use of unvalidated data in PDFium

- CVE-2016-5218: Address spoofing in Omnibox

- CVE-2016-5219: Use after free in V8

- CVE-2016-5221: Integer overflow in ANGLE

- CVE-2016-5220: Local file...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.2:

zypper in -t patch openSUSE-2016-1453=1

- openSUSE Leap 42.1:

zypper in -t patch openSUSE-2016-1453=1

- openSUSE 13.2:

zypper in -t patch openSUSE-2016-1453=1

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE Leap 42.2 (x86_64):

chromedriver-55.0.2883.75-99.2

chromedriver-debuginfo-55.0.2883.75-99.2

chromium-55.0.2883.75-99.2

chromium-debuginfo-55.0.2883.75-99.2

chromium-debugsource-55.0.2883.75-99.2

- openSUSE Leap 42.1 (x86_64):

chromedriver-55.0.2883.75-99.2

chromedriver-debuginfo-55.0.2883.75-99.2

chromium-55.0.2883.75-99.2

chromium-debuginfo-55.0.2883.75-99.2

chromium-debugsource-55.0.2883.75-99.2

- openSUSE 13.2 (i586 x86_64):

chromedriver-55.0.2883.75-148.1

chromedriver-debuginfo-55.0.2883.75-148.1

chromium-55.0.2883.75-148.1

chromium-debuginfo-55.0.2883.75-148.1

chromium-debugsource-55.0.2883.75-148.1

chromium-ffmpegsumo-55.0.2883.75-148.1

chromium-ffmpegsumo-debuginfo-55.0.2883.75-148.1

References

https://www.suse.com/security/cve/CVE-2016-5203.html

https://www.suse.com/security/cve/CVE-2016-5204.html

https://www.suse.com/security/cve/CVE-2016-5205.html

https://www.suse.com/security/cve/CVE-2016-5206.html

https://www.suse.com/security/cve/CVE-2016-5207.html

https://www.suse.com/security/cve/CVE-2016-5208.html

https://www.suse.com/security/cve/CVE-2016-5209.html

https://www.suse.com/security/cve/CVE-2016-5210.html

https://www.suse.com/security/cve/CVE-2016-5211.html

https://www.suse.com/security/cve/CVE-2016-5212.html

https://www.suse.com/security/cve/CVE-2016-5213.html

https://www.suse.com/security/cve/CVE-2016-5214.html

https://www.suse.com/security/cve/CVE-2016-5215.html

https://www.suse.com/security/cve/CVE-2016-5216.html

https://www.suse.com/security/cve/CVE-2016-5217.html

https://www.suse.com/security/cve/CVE-2016-5218.html

https://www.suse.com/security/cve/CVE-2016-5219.html

https://www.suse.com/security/cve/CVE-2016-5220.html

https://www.suse.com/security/cve/CVE-2016-5221.html

https://www....

Read the Full Advisory

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2016:3108-1
Rating: important
Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 openSUSE 13.2 .

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.